CN109725951A - Control method, system, electronic equipment and computer-readable medium - Google Patents
Control method, system, electronic equipment and computer-readable medium Download PDFInfo
- Publication number
- CN109725951A CN109725951A CN201811638829.9A CN201811638829A CN109725951A CN 109725951 A CN109725951 A CN 109725951A CN 201811638829 A CN201811638829 A CN 201811638829A CN 109725951 A CN109725951 A CN 109725951A
- Authority
- CN
- China
- Prior art keywords
- application
- son
- network equipment
- information
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Landscapes
- Storage Device Security (AREA)
Abstract
Embodiment of the disclosure discloses control method, system, electronic equipment and computer-readable medium.This method is used for electronic equipment, and a specific embodiment of this method includes: the operation requests for receiving the son application of female application and being written and read to buffer area, wherein the son application is with female application for running environment;It based on the operation requests, controls the son application and the target memory area for being modeled as buffer area is written and read, to forbid the son application to be written and read buffer area.The embodiment is written and read the memory field for being modeled as buffer area by control son application, to forbid son application to be written and read buffer area, to improve the safety of user information, reduces the operation risk of sub- application.
Description
Technical field
Embodiment of the disclosure is related to field of computer technology, and in particular to control method, system, electronic equipment and calculating
Machine readable medium.
Background technique
In the prior art, often the son of mother application can further be loaded by the basis of mother's application installation
Using to be extended to the function of mother's application.For example, above-mentioned female application can be application software, the son application of mother application
It can be boarding application, such as small routine.
In general, son application is to rely on female application operation, since son application usually has a dynamic characteristic, therefore son application and
Mother's application is easy to happen the safety problems such as unauthorized access, information leakage at runtime.
Summary of the invention
The present disclosure proposes control method, system, electronic equipment and computer-readable mediums.
In a first aspect, embodiment of the disclosure provides a kind of control method, this method is used for electronic equipment, this method packet
It includes: receiving the operation requests that the son application of female application is written and read buffer area, wherein son application is operation with mother's application
Environment;Based on operation requests, controls son application and the target memory area for being modeled as buffer area is written and read, to forbid son to answer
It is written and read with to buffer area.
Second aspect, embodiment of the disclosure provide a kind of control system, including first network equipment and the second network
Equipment, first network equipment is for supporting female application, and second network equipment is used to support female son application applied, and son application is with mother
Using for running environment, in which: second network equipment is configured to send sub- application request to buffer area to first network equipment
The operation requests being written and read;First network equipment, is configured to based on operation requests, controls son application to being modeled as delaying
The target memory area for rushing area is written and read, to forbid son application to be written and read buffer area.
The third aspect, embodiment of the disclosure provide a kind of electronic equipment, comprising: one or more processors;Storage
Device is stored thereon with one or more programs, when said one or multiple programs are executed by said one or multiple processors,
So that the one or more processors realize the method such as any embodiment in above-mentioned control method.
Fourth aspect, embodiment of the disclosure provide a kind of computer-readable medium, are stored thereon with computer program,
The method such as any embodiment in above-mentioned control method is realized when the program is executed by processor.
Control method, system, electronic equipment and the computer-readable medium that embodiment of the disclosure provides, it is female by receiving
The son application operation requests that buffer area is written and read of application, wherein son application with mother's application for running environment, so
Afterwards, operation requests are based on, son application is controlled and the target memory area for being modeled as buffer area is written and read, to forbid sub- application
Buffer area is written and read, so that the memory field for being modeled as buffer area is written and read by control son application, with
Forbid son application to be written and read buffer area, to improve the safety of user information, reduces the operation of sub- application
Risk.
Detailed description of the invention
By reading a detailed description of non-restrictive embodiments in the light of the attached drawings below, the disclosure is other
Feature, objects and advantages will become more apparent upon:
Fig. 1 is that some embodiments of the present disclosure can be applied to exemplary system architecture figure therein;
Fig. 2 is the flow chart according to one embodiment of the control method of the disclosure;
Fig. 3 A- Fig. 3 B is the schematic diagram according to an application scenarios of the control method of the disclosure;
Fig. 4 is the flow chart according to another embodiment of the control method of the disclosure;
Fig. 5 is the interactive process schematic diagram according to the electronic equipment of one embodiment of the control system of the disclosure;
Fig. 6 is the interactive process schematic diagram according to the electronic equipment of another embodiment of the control system of the disclosure;
Fig. 7 is adapted for the structural representation for the computer system for realizing the electronic equipment of some embodiments of the present disclosure
Figure.
Specific embodiment
The disclosure is described in further detail with reference to the accompanying drawings and examples.It is understood that this place is retouched
The specific embodiment stated is used only for explaining related invention, rather than the restriction to the invention.It also should be noted that in order to
Convenient for description, part relevant to related invention is illustrated only in attached drawing.
It should be noted that in the absence of conflict, the feature in embodiment and embodiment in the disclosure can phase
Mutually combination.The disclosure is described in detail below with reference to the accompanying drawings and in conjunction with the embodiments.
Fig. 1 is shown can be using the example of the embodiment of the control method or control system of some embodiments of the present disclosure
Property system architecture 100.
As shown in Figure 1, system architecture 100 may include terminal device 101,102,103, network 104 and the network equipment
105.Network 104 between terminal device 101,102,103 and the network equipment 105 to provide the medium of communication link.Network
104 may include various connection types, such as wired, wireless communication link or fiber optic cables etc..
User can be used terminal device 101,102,103 and be interacted with the network equipment 105 by network 104, with reception or
Send message (such as sending the operation requests that son application is written and read buffer area) etc..Terminal device 101,102,103
On various telecommunication customer end applications can be installed, such as web browser applications, the application of shopping class, searching class application, immediately
Means of communication, mailbox client, social platform software etc..
Herein, the client application installed on terminal device 101,102,103 can be female application, can run thereon
There is sub- application.Son application is with mother's application for running environment.Since the operation of sub- application is applied dependent on female, thus, mother's application can
Rights management is carried out with the various operations of antithetical phrase application, to control the operation of son application.
Terminal device 101,102,103 can be hardware, be also possible to software.When terminal device 101,102,103 is hard
When part, it can be the various electronic equipments with display screen and supported web page browsing, including but not limited to smart phone, plate
Computer, pocket computer on knee and desktop computer etc..When terminal device 101,102,103 is software, can install
In above-mentioned cited electronic equipment.Multiple softwares or software module may be implemented into (such as providing distributed clothes in it
The software or software module of business), single software or software module also may be implemented into.It is not specifically limited herein.
The network equipment 105 can be to provide the server of various services, such as to running on terminal device 101,102,103
Female application and son application at least one of the background server supported is provided.Background server can operation to receiving
The data such as request carry out the processing such as analyzing, and processing result is fed back to terminal device.
Herein, electronic equipment described in the embodiment of the present disclosure can be including in the above-mentioned network equipment and terminal device
At least one of any electronic equipment.
It should be noted that control method provided by embodiment of the disclosure can be executed by the network equipment 105, it can also
To be executed by terminal device 101,102,103.
It should be noted that the network equipment can be hardware, it is also possible to software.It, can be with when the network equipment is hardware
It is implemented as the distributed server cluster of multiple server compositions, individual server also may be implemented into.When server is software
When, multiple softwares or software module (such as providing the software of Distributed Services or software module) may be implemented into, it can also
To be implemented as single software or software module.It is not specifically limited herein.
It should be understood that the number of terminal device, network and the network equipment in Fig. 1 is only schematical.According to realization
It needs, can have any number of terminal device, network and the network equipment.When the electronic equipment of control method operation thereon
When not needing to carry out data transmission with other electronic equipments, which can only include the electricity of control method operation thereon
Sub- equipment.
With continued reference to Fig. 2, the process 200 of one embodiment of the control method according to the disclosure is shown.The controlling party
Method is used for electronic equipment, comprising the following steps:
Step 201, the operation requests that the son application of female application is written and read buffer area are received.
In the present embodiment, the executing subject (such as the network equipment shown in FIG. 1 or terminal device) of control method can be with
By wired connection mode or radio connection from other electronic equipments or local, the son application of female application is received to slow
Rush the operation requests that area is written and read.Wherein, son application is with mother's application for running environment.
In the present embodiment, female application can be any application that can be installed on terminal device.For example, female application can
To include but is not limited to: social software, shopping class software, searching class software, payment class software etc..
In the present embodiment, son application can be the application with female application for running environment.For example, son application can be mother
The plug-in unit of application;It is also possible to the boarding application of female application, such as small routine.
It is appreciated that usually son application can by call the provided application programming interface of female application (API,
Application Programming Interface), it is female using the function not having to realize.In practice, it is existing very much
Chat software, the application of payment class, searching class application, can provide application programming interface, so that the son of mother application is answered
With the exploitation and use of (such as small routine), to realize Function Extension.Since the operation of sub- application is applied dependent on female, because
And the various operations that female application can be applied with antithetical phrase carry out rights management, to control the operation of son application.For example, in sub- application
Before executing operation, the operation requests of its operation to be performed can be sent to above-mentioned executing subject first, according to above-mentioned
Executing subject is directed to the authorization of the operation requests or forbids, to determine whether to execute the operation.
In the present embodiment, above-mentioned executing subject can be the terminal device for being equipped with female application of the sub- application, can also
To be the network equipment for supporting female application of the sub- application.
As an example, can be the reception mould for being set to the terminal device when above-mentioned executing subject is terminal device
Block.Send the operation requests that the son application of female application is written and read buffer area, the step for executing subject can be
It is set to the sending module of the terminal device.Above-mentioned receiving module can receive the son application of female application from sending module as a result,
The operation requests that buffer area is written and read.
It as another example, can be from the mother for being equipped with above-mentioned sub- application when above-mentioned executing subject is the network equipment
The terminal device of application receives the operation requests that the son application of female application is written and read buffer area.
In practice, by the way of son application can be using calling for female using the application programming interface encapsulated in advance,
To be written and read to buffer area.Above-mentioned executing subject can be by determining received operation requests as a result, if is
The operation requests for calling the application programming interface being written and read to buffer area, so that it is determined that received operation is asked
The operation requests that the no son application for female application of Seeking Truth is written and read buffer area.
Optionally, it may be predetermined that the mark of each operation.The son application of mother's application is written and read buffer area
Operation requests in may include its requested operation mark.Above-mentioned executing subject can be by determining that operation is asked as a result,
The son application for identifying whether to indicate female application for including in asking is written and read buffer area, so that it is determined that received behaviour
Request whether to be the son of female application using the operation requests for being written and read buffer area.
Step 202, operation requests are based on, son application is controlled and behaviour is written and read to the target memory area for being modeled as buffer area
Make, to forbid son application to be written and read buffer area.
In the present embodiment, based on the operation requests received in step 201, above-mentioned executing subject can control sub- application
The target memory area for being modeled as buffer area is written and read, to forbid son application to be written and read buffer area.Wherein,
Target memory area can be the memory field for being modeled as buffer area.
It herein, can be by preparatory package application Program Interfaces, to realize target memory area according to file system
The protocol emulation of system is buffer area;The operation that buffer area is written and read can also be asked in the son application for receiving female application
After asking, the data for the buffer area read will be requested to be read out from target memory area, alternatively, write-in will be requested to buffer
In the data write-in target memory area in area, to realize that by target memory area be buffer area according to the protocol emulation of file system.
The cache access of sub- application is directed to above-mentioned target memory area thus, it is possible to realize
It is appreciated that can determine that son application is requested first according to the operation requests received in aforesaid operations request
The data being written and read.Then, identified data are read out from target memory area, alternatively, will be identified
Target memory area is written in data, also, son application is forbidden to be written and read buffer area.
In some optional implementations of the present embodiment, son application includes: that female application is called to mention under operation
The application of the application programming interface of confession.
It is appreciated that group application includes answering for the application programming interface for calling female application to provide under operating status
Used time, can by the monitoring grain size refinement of the permission of sub- application to interface level, so as to more precisely antithetical phrase apply into
Row control.
In some optional implementations of the present embodiment, operation requests are to store data in the request of buffer area.
And above-mentioned executing subject can be with: in the case where mother's application is out of service, data that delete target memory field is stored.
It is appreciated that after mother's application is out of service, the data that delete target memory field is stored, to the target memory area
Recycling destruction is carried out, the unauthorized access or information leakage of traditional file system buffer area can be avoided to a certain extent in this way
The problem of.
In some optional implementations of the present embodiment, operation requests are to store data in the request of buffer area.
Operation requests include storage data.Storage is that user's antithetical phrase application is operated and generated, to be stored in buffering with data
The data in area.And above-mentioned executing subject can be with: being encrypted to storage with data.
Herein, above-mentioned executing subject can encrypt storage with data: advanced using following at least one algorithm
Encryption standard (AES, Advanced Encryption Standard) algorithm, triple data encryption algorithm (TDEA, Triple
Data Encryption Algorithm), Secure Hash Algorithm (SHA, Secure Hash Algorithm).
It is appreciated that the safety of data storage can be improved by being encrypted to storage with data, visit of going beyond one's commission is reduced
The probability of happening for the problems such as asking, and reduce information leakage caused by as the problems such as unauthorized access.
In some optional implementations of the present embodiment, storage is encrypted with data for above-mentioned, this step
Suddenly, above-mentioned executing subject can also execute in the following way:
Firstly, obtaining at least one of following encryption information: the user identifier of user, sub- application this starting time.
Herein, above-mentioned user identifier can be one-to-one correspondence to indicate user, between user identifier and user
Relationship.
Then, it uses information as seed acquired encryption, generates symmetric key.
Herein, above-mentioned executing subject can be directed to various specific Encryption Algorithm, in different ways, to generate pair
Claim key, is not limited thereto.
Finally, being encrypted to storage with data based on symmetric key using predetermined symmetric encipherment algorithm.
Herein, above-mentioned symmetric encipherment algorithm can include but is not limited at least one of following: DESede is (symmetrical by DES
A kind of improved symmetric encipherment algorithm of Encryption Algorithm), Advanced Encryption Standardalgorithm, IDEA algorithm, based on password encryption (PBE,
Password Base Encryption) algorithm etc..
It is appreciated that herein, since that there are the both sides for sending and receiving data must use is identical for symmetric encipherment algorithm
The characteristics of operation is encrypted and decrypted in plain text in key pair, thus may be implemented for different users and/or son application, next life
At different symmetric keys, operated and what is generated deposits thus, it is possible to make son application that can only access user and apply to the son
Storage data, so as to further increase the safety of data storage, further, it is also possible to hair the problems such as prevent unauthorized access
It is raw, and information leakage caused by as the problems such as unauthorized access is avoided, realize the isolation operation between different sub- applications.
It should be noted that step 202 and data storage, encrypting step have no strict sequence;In some implementations
In example, step 202 may collectively form the data inputting step of completion with data storage, encrypting step.
In some optional implementations of the present embodiment, following steps one and step are can also be performed in above-mentioned executing subject
Rapid two:
Step 1 is determining the case where sub- application request is called for female using the application programming interface encapsulated in advance
Under, the verifying information that son application is sent is obtained, and verifying is digitally signed with information to verifying.
Herein, above-mentioned verifying can be with information for verifying whether son application there is calling to seal in advance for female application
The information of the permission of the application programming interface of dress.Verifying is digitally signed with information to verifying, can determine sub- application
Whether there is corresponding permission, such as call the permission of the application programming interface encapsulated in advance for female application, access institute
Request permission of data read etc..
Step 2 determines that son application has the power for calling application programming interface in the case where determining through verifying
Limit.
It is appreciated that by being digitally signed verifying with information to verifying, to be adjusted to determine whether son application has
With the permission of application programming interface, the safety of data access can be improved, prevent information leakage.
It is the network equipment in above-mentioned executing subject, and determine son in some optional implementations of the present embodiment
In the case where unverified, at least one in following steps one and step 2 is can also be performed in above-mentioned executing subject:
Step 1 forbids son application to call the application programming interface of institute's request call.
Step 2, the terminal used to user send the instruction that safety instruction information is presented.
Herein, above-mentioned safety instruction information can serve to indicate that the information of user there are security risks.
It is appreciated that the terminal can be presented safety and mention after receiving the instruction that safety instruction information is presented in terminal
Show information, there are security risks to prompt user information.Hereafter, user can by some measures (such as report the sub- application,
Unload son application etc.), to realize the protection to personal information.
In some optional implementations of the present embodiment, verifying is included at least one of the following: with information requests to adjust
The interface name of application programming interface, the parameter name of the application programming interface of institute's request call, son application are asked
Seek the uniform resource locator of the resource of operation.
It is appreciated that when verifying information includes the interface name of the application programming interface of institute's request call, and asked
It, can be by carrying out digital label with information to verifying when seeking at least one in the parameter name of the application programming interface of calling
Name verifying, to determine whether son application has the permission for the application programming interface for calling institute's request call;When verifying letter
Breath includes that when requesting the uniform resource locator of the resource of operation, can be tested by being digitally signed to verifying with information
Card, to determine whether son application has the permission for the resource for reading uniform resource locator instruction.
It with continued reference to Fig. 3 A- Fig. 3 B, Fig. 3 A- Fig. 3 B is shown according to one of the application scenarios of the control method of the present embodiment
It is intended to.In the application scenarios of Fig. 3 A, son application (in diagram for using 1) is activated that (such as user clicks and presents in terminal 301
, icon for starting the sub- application).Later, as shown in Figure 3B, server 302 receives the son application of female application to buffering
The operation requests 303 that area is written and read.Wherein, son application is with mother's application for running environment.Then, server 302 is based on
Operation requests 303 control son application and are written and read to the target memory area 304 for being modeled as buffer area, to forbid sub- application
Is written and read to buffer area 305
The method provided by the above embodiment of the disclosure, the son application by receiving female application are written and read behaviour to buffer area
Then the operation requests of work are based on operation requests, control son application and be written and read behaviour to the target memory area for being modeled as buffer area
Make, to forbid son application to be written and read buffer area, thus by control son application to the memory field for being modeled as buffer area
It is written and read, to forbid son application to be written and read buffer area, which thereby enhances the safety of user information, reduce
The operation risk of sub- application.
With further reference to Fig. 4, it illustrates the processes 400 of another embodiment of control method.The stream of the control method
Journey 400, comprising the following steps:
Step 401, the operation requests that the son application of female application is written and read buffer area are received.Later, step is executed
Rapid 402.
In the present embodiment, the executing subject (such as the network equipment shown in FIG. 1 or terminal device) of control method can be with
By wired connection mode or radio connection from other electronic equipments or local, the son application of female application is received to slow
Rush the operation requests that area is written and read.Wherein, son application is with mother's application for running environment.Operation requests are to store data
Request in buffer area.Operation requests include storage data.Storage is that user's antithetical phrase application is operated and generated with data
, data to be stored in buffer area.
Step 402, operation requests are based on, son application is controlled and behaviour is written and read to the target memory area for being modeled as buffer area
Make, to forbid son application to be written and read buffer area.
In the present embodiment, based on the operation requests received in step 401, above-mentioned executing subject can control sub- application
The target memory area for being modeled as buffer area is written and read, to forbid son application to be written and read buffer area.Wherein,
Target memory area can be the memory field for being modeled as buffer area.
In the present embodiment, above-mentioned steps 401 and step 402 and step 201 and step 202 base in the embodiment of Fig. 2
This is consistent, and which is not described herein again.
Step 403, obtain at least one of following encryption information: the user identifier of user, sub- application this starting when
Between.Later, step 404 is executed.
In the present embodiment, at least one available following encryption information of above-mentioned executing subject: user's mark of user
Know, this starting time of sub- application.Wherein, above-mentioned user identifier can be to indicate user, between user identifier and user
It can be one-to-one relationship.
Step 404, it uses information as seed acquired encryption, generates symmetric key.Later, step 405 is executed.
In the present embodiment, above-mentioned executing subject can use acquired encryption information as seed, generate symmetrical close
Key.
Step 405, storage is encrypted with data using predetermined symmetric encipherment algorithm based on symmetric key.
Later, step 406 is executed.
In the present embodiment, above-mentioned executing subject can be based on symmetric key, using predetermined symmetric encipherment algorithm,
Storage is encrypted with data.
Step 406, the application programming interface encapsulated in advance for female application is called in response to the sub- application request of determination,
The verifying information that son application is sent is obtained, and verifying is digitally signed with information to verifying.Later, step 407 is executed.
In the present embodiment, in the application programming interface for determining that sub- application request calling encapsulates in advance for female application
In the case where, the verifying information that the above-mentioned available son application of executing subject is sent, and number is carried out with information to verifying
Signature verification.
Step 407, it is determined whether pass through verifying.Later, if so, thening follow the steps 408;If it is not, thening follow the steps 409.
In the present embodiment, above-mentioned executing subject can determine whether son application passes through verifying.
Step 408, determine that son application has the permission for calling application programming interface.
In the present embodiment, in the case where determining son application by verifying, above-mentioned executing subject can determine sub- application
With the permission for calling application programming interface.
Step 409, son application is forbidden to call the application programming interface of institute's request call;And/or used to user
Terminal sends the instruction that safety instruction information is presented.
In the present embodiment, in the case where determining that son application is unverified, above-mentioned executing subject can forbid son to answer
With the application programming interface for calling institute's request call;And/or the terminal used to user sends and safety instruction information is presented
Instruction.
It should be noted that step 402 and data storage, encrypting step have no strict sequence;In some implementations
In example, step 402 may collectively form the data inputting step of completion with data storage, encrypting step.
Figure 4, it is seen that the process 400 of the control method in the present embodiment is prominent compared with the corresponding embodiment of Fig. 2
Go out and storage has been encrypted with data and the step of antithetical phrase application is verified.The scheme of the present embodiment description can as a result,
The problem of to further increase the safety of user information, avoid unauthorized access and information leakage.
Turn next to Fig. 5, Fig. 5 is interacting according to the electronic equipment of one embodiment of the control system of the disclosure
Journey schematic diagram.
Control system in embodiment of the disclosure may include first network equipment and second network equipment, first network
For supporting female application, second network equipment is used to support that female son application applied, son application are operation ring with mother's application equipment
Border.
As shown in figure 5, in step 501, second network equipment sends sub- application request to buffering to first network equipment
The operation requests that area is written and read.
In the present embodiment, second network equipment can send sub- application request to first network equipment and carry out to buffer area
The operation requests of read-write operation.
In the present embodiment, second network equipment and first network equipment can be respectively set to server, can also be with
It is set to same server.For example, when second network equipment and first network equipment are arranged at same server, the second net
Network equipment and first network equipment can be different units included by same server.
In the present embodiment, son application can be the application with female application for running environment.For example, son application can be mother
The boarding application of application, such as small routine.Mother's application can be any application that can be installed on terminal device.For example, female
Using can include but is not limited to: social software, shopping class software, searching class software, payment class software etc..
It is appreciated that usually son application can by call the provided application programming interface of female application (API,
Application Programming Interface), it is female using the function not having to realize.In practice, it is existing very much
Chat software, payment class application, searching class application, application programming interface can be provided, for sub- application exploitation and
It uses, to realize Function Extension.Since the operation of sub- application is applied dependent on female, thus, what mother's application can be applied with antithetical phrase
Various operations carry out rights management, to control the operation of son application.
In some optional implementations of the present embodiment, son application includes: that female application is called to mention under operation
The application of the application programming interface of confession.
It is appreciated that group application includes answering for the application programming interface for calling female application to provide under operating status
Used time, can by the monitoring grain size refinement of the permission of sub- application to interface level, so as to more precisely antithetical phrase apply into
Row control.
In step 502, first network equipment is based on operation requests, controls son application in the target for being modeled as buffer area
It deposits area to be written and read, to forbid son application to be written and read buffer area.
In the present embodiment, first network equipment can be based on operation requests, control son application to being modeled as buffer area
Target memory area is written and read, to forbid son application to be written and read buffer area.Wherein, target memory area can be
It is modeled as the memory field of buffer area.
It herein, can be by preparatory package application Program Interfaces, to realize target memory area according to file system
The protocol emulation of system is buffer area;The operation that buffer area is written and read can also be asked in the son application for receiving female application
After asking, the data for the buffer area read will be requested to be read out from target memory area, alternatively, write-in will be requested to buffer
In the data write-in target memory area in area, to realize that by target memory area be buffer area according to the protocol emulation of file system.
The cache access of sub- application is directed to above-mentioned target memory area thus, it is possible to realize.
It is appreciated that can determine that son application is requested first according to the operation requests received in aforesaid operations request
The data being written and read.Then, identified data are read out from target memory area, alternatively, will be identified
Target memory area is written in data, also, son application is forbidden to be written and read buffer area.
In some optional implementations of the present embodiment, first network equipment is further configured to: in response to determining son
Application request calls the application programming interface encapsulated in advance for female application, obtains the verifying information that son application is sent,
And verifying is digitally signed with information to verifying.Then, it in the case where determining through verifying, determines that son application has and adjusts
With the permission of application programming interface.
Herein, above-mentioned verifying can be with information for verifying whether son application there is calling to seal in advance for female application
The information of the permission of the application programming interface of dress.Verifying is digitally signed with information to verifying, can determine sub- application
Whether there is corresponding permission, such as call the permission of the application programming interface encapsulated in advance for female application, access institute
Request permission of data read etc..
It is appreciated that by being digitally signed verifying with information to verifying, to be adjusted to determine whether son application has
With the permission of application programming interface, the safety of data access can be improved, prevent information leakage.
In some optional implementations of the present embodiment, operation requests are to store data in the request of buffer area,
Above-mentioned control system further includes the terminal device for being equipped with female application.And terminal device, it is configured in response to determine that mother answers
With out of service, it is used to indicate to the transmission of first network equipment and female exits information using operation out of service.First network is set
It is standby, it is further configured to: exiting information, the data that delete target memory field is stored in response to receiving operation.
It is appreciated that after mother's application is out of service, the data that delete target memory field is stored, to the target memory area
Recycling destruction is carried out, the unauthorized access or information leakage of traditional file system buffer area can be avoided to a certain extent in this way
The problem of.
In some optional implementations of the present embodiment, first network equipment is further configured to: not being passed through in determination
In the case where verifying, at least one of following operation is executed: son application being forbidden to call application programming interface;It is sent out to terminal device
Deliver the instruction of existing safety instruction information.
Herein, above-mentioned safety instruction information can serve to indicate that the information of user there are security risks.
It is appreciated that the terminal can be presented safety and mention after receiving the instruction that safety instruction information is presented in terminal
Show information, there are security risks to prompt user information.Hereafter, user can by some measures (such as report the sub- application,
Unload son application etc.), to realize the protection to personal information.
The control system that embodiment of the disclosure provides controls son application to being modeled as buffer area by first network equipment
Memory field be written and read, with forbid son application buffer area is written and read, to improve the peace of user information
Quan Xing reduces the operation risk of sub- application.
With continued reference to FIG. 6, Fig. 6 is the interaction according to the electronic equipment of another embodiment of the control system of the disclosure
Process schematic.
Control system in embodiment of the disclosure may include that first network equipment, second network equipment and terminal are set
Standby, for supporting female application, second network equipment is used to that female son application applied, son application to be supported to answer with mother first network equipment
With for running environment, installing terminal equipment has female application.
As shown in fig. 6, in step 601, second network equipment sends sub- application request to buffering to first network equipment
The operation requests that area is written and read.
In the present embodiment, second network equipment can send sub- application request to first network equipment and carry out to buffer area
The operation requests of read-write operation.Wherein, operation requests are to store data in the request of buffer area.Operation requests include that storage is used
Data.Storage is that user's antithetical phrase application is operated and generated, to be stored in the data of buffer area with data.
In step 602, first network equipment is based on operation requests, controls son application in the target for being modeled as buffer area
It deposits area to be written and read, to forbid son application to be written and read buffer area.
In the present embodiment, first network equipment can be based on operation requests, control son application to being modeled as buffer area
Target memory area is written and read, to forbid son application to be written and read buffer area.
In the present embodiment, above-mentioned steps 601 and step 602 and step 501 and step 502 base in the embodiment of Fig. 5
This is consistent, and which is not described herein again.
In step 603, first network equipment obtains encryption information.
In the present embodiment, first network equipment is available uses information.Wherein, encryption information may include with
It is at least one of lower: the user identifier of user, sub- application this starting time.Herein, above-mentioned user identifier can be to refer to
Show user, can be one-to-one relationship between user identifier and user.
In step 604, encryption is used information as seed by first network equipment, generates symmetric key.
In the present embodiment, first network equipment can use acquired encryption information as seed, generate symmetrical close
Key.
Herein, above-mentioned first network equipment can be directed to various specific Encryption Algorithm, in different ways, next life
At symmetric key, it is not limited thereto.
In step 605, first network equipment is based on symmetric key, using predetermined symmetric encipherment algorithm, to depositing
Storage is encrypted with data.
In the present embodiment, first network equipment can be based on symmetric key, using predetermined symmetric encipherment algorithm,
Storage is encrypted with data.
Herein, above-mentioned symmetric encipherment algorithm can include but is not limited at least one of following: DESede is (symmetrical by DES
A kind of improved symmetric encipherment algorithm of Encryption Algorithm), Advanced Encryption Standardalgorithm, IDEA algorithm, based on password encryption (PBE,
Password Base Encryption) algorithm etc..
It is appreciated that herein, since that there are the both sides for sending and receiving data must use is identical for symmetric encipherment algorithm
The characteristics of operation is encrypted and decrypted in plain text in key pair, thus may be implemented for different users and/or son application, next life
At different symmetric keys, operated and what is generated deposits thus, it is possible to make son application that can only access user and apply to the son
Storage data, so as to further increase the safety of data storage, the hair for the problems such as can also usually preventing unauthorized access
It is raw, and information leakage caused by as the problems such as unauthorized access is avoided, realize the isolation operation between different sub- applications.
In step 606, second network equipment obtains decryption information.
In the present embodiment, information is used in the available decryption of second network equipment.
Herein, decryption information may include at least one of following: the user identifier of user, sub- application this starting
Time.Herein, above-mentioned user identifier can be one-to-one pass to indicate user, between user identifier and user
System.Decryption information can be identical as encryption information.
In step 607, decryption is used information as seed by second network equipment, generates symmetric key.
In the present embodiment, second network equipment can use decryption information as seed, generate symmetric key.
Herein, second network equipment can by the way of similar with above-mentioned steps 607, using decryption use information as
Seed, Lai Shengcheng symmetric key.
In step 608, second network equipment is based on the symmetric key locally generated, using the inverse operator of symmetric encipherment algorithm
Storage is decrypted with data for method.
In the present embodiment, second network equipment can be based on the symmetric key locally generated, using symmetric encipherment algorithm
Algorithm for inversion, storage is decrypted with data.
In step 609, terminal device determines that female application is out of service.
In the present embodiment, terminal device can determine that female application is out of service.
As an example, terminal device can be by the way of the operation of the female application of monitoring, to determine whether female application is exited
Operation.Optionally, the generation predetermined information after out of service can also be applied by the way that mother is arranged, is believed as a result, by the reservation
Breath can indicate that female application is out of service.
In step 610, terminal device is used to indicate mother to the transmission of first network equipment and moves back using operation out of service
Information out.
In the present embodiment, terminal device can send to first network equipment and be used to indicate mother using fortune out of service
Row exits information.
In step 611, the data that first network equipment delete target memory field is stored.
In the present embodiment, the data that first network equipment can be stored with delete target memory field.
In some optional implementations of the present embodiment, first network equipment is further configured to: in response to determining the
Two network equipments meet preset condition, and the instruction that safety instruction information is presented is sent to terminal device.Wherein, preset condition includes
At least one of below: second network equipment is greater than preset duration threshold value with the decryption duration that data are decrypted to storage;Second
The network equipment is greater than predeterminated frequency threshold value with the decryption frequency that data are decrypted to storage.Wherein, above-mentioned safety instruction information
Can serve to indicate that the information of user, there are security risks.
It is appreciated that the son that can characterize acquisition information at this time is answered when second network equipment meets above-mentioned preset condition
With not having the permission for obtaining requested access to resource, alternatively, not having using requesting the application programming used to connect
The permission of mouth.As a result, under this application scenarios, second network equipment sends the finger that safety instruction information is presented to terminal device
It enables.After receiving the instruction that safety instruction information is presented in terminal, which can be presented safety instruction information, to prompt to use
There are security risks for family information.Hereafter, user (such as can be reported the sub- application, unload the sub- application by some measures
Deng), to realize the protection to personal information.
Embodiment of the disclosure provide control system, by mother application it is out of service after, delete target memory field
The data stored carrying out storage with data to storage are encrypted to it, read in sub- application request buffer area
When write operation operates, it is first determined whether son application has the permission for calling application programming interface, is answered with determination with antithetical phrase
With being verified, to realize being isolated for son application and external environment, such as the sub- application can not read other sub- applications
The data stored, and realize the control of the application programming interface permission of antithetical phrase application.
Below with reference to Fig. 7, it illustrates the computer systems for the electronic equipment for being suitable for being used to realize embodiment of the disclosure
700 structural schematic diagram.Electronic equipment shown in Fig. 7 is only an example, should not function to embodiment of the disclosure and
Use scope brings any restrictions.
As shown in fig. 7, computer system 700 includes central processing unit (CPU) 701, it can be read-only according to being stored in
Program in memory (ROM) 702 or be loaded into the program in random access storage device (RAM) 703 from storage section 708 and
Execute various movements appropriate and processing.In RAM 703, also it is stored with system 700 and operates required various programs and data.
CPU 701, ROM 702 and RAM 703 are connected with each other by bus 704.Input/output (I/O) interface 705 is also connected to always
Line 704.
I/O interface 705 is connected to lower component: the importation 706 including keyboard, mouse etc.;It is penetrated including such as cathode
The output par, c 707 of spool (CRT), liquid crystal display (LCD) etc. and loudspeaker etc.;Storage section 708 including hard disk etc.;
And the communications portion 709 of the network interface card including LAN card, modem etc..Communications portion 709 via such as because
The network of spy's net executes communication process.Driver 710 is also connected to I/O interface 705 as needed.Detachable media 711, such as
Disk, CD, magneto-optic disk, semiconductor memory etc. are mounted on as needed on driver 710, in order to read from thereon
Computer program be mounted into storage section 708 as needed.
Particularly, in accordance with an embodiment of the present disclosure, it may be implemented as computer above with reference to the process of flow chart description
Software program.For example, embodiment of the disclosure includes a kind of computer program product comprising be carried on computer-readable medium
On computer program, which includes the program code for method shown in execution flow chart.In such reality
It applies in example, which can be downloaded and installed from network by communications portion 709, and/or from detachable media
711 are mounted.When the computer program is executed by central processing unit (CPU) 701, limited in execution disclosed method
Above-mentioned function.
It should be noted that computer-readable medium described in the disclosure can be computer-readable signal media or meter
Calculation machine readable storage medium storing program for executing either the two any combination.Computer readable storage medium for example can be --- but not
Be limited to --- electricity, magnetic, optical, electromagnetic, infrared ray or semiconductor system, device or device, or any above combination.Meter
The more specific example of calculation machine readable storage medium storing program for executing can include but is not limited to: have the electrical connection, just of one or more conducting wires
Taking formula computer disk, hard disk, random access storage device (RAM), read-only memory (ROM), erasable type may be programmed read-only storage
Device (EPROM or flash memory), optical fiber, portable compact disc read-only memory (CD-ROM), light storage device, magnetic memory device,
Or above-mentioned any appropriate combination.In the disclosure, computer readable storage medium can be it is any include or storage journey
The tangible medium of sequence, the program can be commanded execution system, device or device use or in connection.And at this
In open, computer-readable signal media may include in a base band or as the data-signal that carrier wave a part is propagated,
Wherein carry computer-readable program code.The data-signal of this propagation can take various forms, including but unlimited
In electromagnetic signal, optical signal or above-mentioned any appropriate combination.Computer-readable signal media can also be that computer can
Any computer-readable medium other than storage medium is read, which can send, propagates or transmit and be used for
By the use of instruction execution system, device or device or program in connection.Include on computer-readable medium
Program code can transmit with any suitable medium, including but not limited to: wireless, electric wire, optical cable, RF etc. are above-mentioned
Any appropriate combination.
The calculating of the operation for executing the disclosure can be write with one or more programming languages or combinations thereof
Machine program code, described program design language include object-oriented programming language-such as Python, Java,
Smalltalk, C++ further include conventional procedural programming language-such as " C " language or similar program design language
Speech.Program code can be executed fully on the user computer, partly be executed on the user computer, as an independence
Software package execute, part on the user computer part execute on the remote computer or completely in remote computer or
It is executed on server.In situations involving remote computers, remote computer can pass through the network of any kind --- packet
It includes local area network (LAN) or wide area network (WAN)-is connected to subscriber computer, or, it may be connected to outer computer (such as benefit
It is connected with ISP by internet).
Flow chart and block diagram in attached drawing are illustrated according to the system of the various embodiments of the disclosure, method and computer journey
The architecture, function and operation in the cards of sequence product.In this regard, each box in flowchart or block diagram can generation
A part of one module, program segment or code of table, a part of the module, program segment or code include one or more use
The executable instruction of the logic function as defined in realizing.It should also be noted that in some implementations as replacements, being marked in box
The function of note can also occur in a different order than that indicated in the drawings.For example, two boxes succeedingly indicated are actually
It can be basically executed in parallel, they can also be executed in the opposite order sometimes, and this depends on the function involved.Also it to infuse
Meaning, the combination of each box in block diagram and or flow chart and the box in block diagram and or flow chart can be with holding
The dedicated hardware based system of functions or operations as defined in row is realized, or can use specialized hardware and computer instruction
Combination realize.
Being described in unit involved in embodiment of the disclosure can be realized by way of software, can also be passed through
The mode of hardware is realized.
As on the other hand, the disclosure additionally provides a kind of computer-readable medium, which can be
Included in electronic equipment described in above-described embodiment;It is also possible to individualism, and without in the supplying electronic equipment.
Above-mentioned computer-readable medium carries one or more program, when said one or multiple programs are held by the electronic equipment
When row, so that the electronic equipment: receiving the operation requests that the son application of female application is written and read buffer area, wherein son
It applies using with mother as running environment;Based on operation requests, controls son application and the target memory area for being modeled as buffer area is carried out
Read-write operation, to forbid son application to be written and read buffer area.
Above description is only the preferred embodiment of the disclosure and the explanation to institute's application technology principle.Those skilled in the art
Member is it should be appreciated that invention scope involved in the disclosure, however it is not limited to technology made of the specific combination of above-mentioned technical characteristic
Scheme, while should also cover in the case where not departing from foregoing invention design, it is carried out by above-mentioned technical characteristic or its equivalent feature
Any combination and the other technical solutions formed.Such as features described above has similar function with (but being not limited to) disclosed in the disclosure
Can technical characteristic replaced mutually and the technical solution that is formed.
Claims (16)
1. a kind of control method is used for electronic equipment, comprising:
Receive the operation requests that the son application of female application is written and read buffer area, wherein the son application is with the mother
Using for running environment;
Based on the operation requests, controls the son application and the target memory area for being modeled as buffer area is written and read, with
The son application is forbidden to be written and read buffer area.
2. according to the method described in claim 1, wherein, the son application includes: to call female application under operation
The application of the application programming interface of offer.
3. according to the method described in claim 1, wherein, the operation requests are to store data in asking for the buffer area
It asks;And
The method also includes:
It is out of service in response to female application, delete the data that the target memory area is stored.
4. according to the method described in claim 1, wherein, the operation requests are to store data in asking for the buffer area
It asks, the operation requests include storage data, and the storage is that user generates the son using operating with data
, data to be stored in the buffer area;And
The method also includes:
The storage is encrypted with data.
5. described to be encrypted to the storage with data according to the method described in claim 4, wherein, comprising:
Obtain at least one of following encryption information: the user identifier of the user, the sub- application this starting time;
It uses information as seed acquired encryption, generates symmetric key;
Based on the symmetric key, using predetermined symmetric encipherment algorithm, the storage is encrypted with data.
6. method described in one of -5 according to claim 1, wherein the method also includes:
The application programming interface encapsulated in advance for female application is called in response to the determination sub- application request, is obtained
The verifying information that the son application is sent, and verifying is digitally signed with information to the verifying;
Determine that the son application has the permission for calling the application programming interface by verifying in response to determining.
7. according to the method described in claim 6, wherein, the method is used for the network equipment;And
The method also includes:
It is unverified in response to determination, execute at least one of following operation:
The son application is forbidden to call the application programming interface of institute's request call;
The terminal used to the user sends the instruction that safety instruction information is presented.
8. according to the method described in claim 6, wherein, the verifying is included at least one of the following: with information
Interface name, the parameter of the application programming interface of institute's request call of the application programming interface of institute's request call
Name, the son application request the uniform resource locator of the resource of operation.
9. a kind of control system, including first network equipment and second network equipment, the first network equipment is for supporting mother
Using second network equipment is used to support that the son application of female application, the son application to be operation with female application
Environment, in which:
Second network equipment is configured to send the sub- application request to the first network equipment to buffer area progress
The operation requests of read-write operation;
The first network equipment, is configured to based on the operation requests, controls the son application to being modeled as buffer area
Target memory area is written and read, to forbid the son application to be written and read the buffer area.
10. system according to claim 9, wherein the operation requests are to store data in the request of buffer area, institute
The system of stating further includes the terminal device for being equipped with female application;And
The terminal device is configured in response to determine that female application is out of service, and Xiang Suoshu first network equipment is sent
It is used to indicate the mother and exits information using operation out of service;
The first network equipment, is further configured to: exiting information in response to receiving the operation, deletes the target memory
The data that area is stored.
11. system according to claim 10, wherein the operation requests include storage data, and number is used in the storage
The son is generated, using operating to be stored in the data of the buffer area according to being user;And
The first network equipment, is further configured to: obtaining encryption information, wherein the encryption information includes the use
This of the user identifier at family and the sub- application start at least one in the time;Use information as seed the encryption,
Generate symmetric key;Based on the symmetric key, using predetermined symmetric encipherment algorithm, the storage is carried out with data
Encryption;
Second network equipment is further configured to obtain decryption information, wherein the decryption information includes to be verified
This of the user identifier of user and the sub- application start at least one in the time;Use information as kind the decryption
Son generates symmetric key;It is deposited using the algorithm for inversion of the symmetric encipherment algorithm to described based on the symmetric key locally generated
Storage is decrypted with data.
12. system according to claim 11, wherein the first network equipment is further configured to:
Meet preset condition in response to determination second network equipment, Xiang Suoshu terminal device, which is sent, is presented safety instruction information
Instruction, wherein the preset condition includes at least one of the following:
Second network equipment is greater than preset duration threshold value with the decryption duration that data are decrypted to the storage;
Second network equipment is greater than predeterminated frequency threshold value with the decryption frequency that data are decrypted to the storage.
13. the system according to one of claim 9-12, wherein the first network equipment is further configured to:
The application programming interface encapsulated in advance for female application is called in response to the determination sub- application request, is obtained
The verifying information that the son application is sent, and verifying is digitally signed with information to the verifying;
Determine that the son application has the permission for calling the application programming interface by verifying in response to determining.
14. system according to claim 13, wherein the first network equipment is further configured to:
It is unverified in response to determination, it executes at least one of following operation: the son application being forbidden to call the application program
Programming interface;The instruction that safety instruction information is presented is sent to the terminal device.
15. a kind of electronic equipment, comprising:
One or more processors;
Storage device is stored thereon with one or more programs,
When one or more of programs are executed by one or more of processors, so that one or more of processors are real
Now such as method described in any one of claims 1-8.
16. a kind of computer-readable medium, is stored thereon with computer program, wherein real when described program is executed by processor
Now such as method described in any one of claims 1-8.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811638829.9A CN109725951A (en) | 2018-12-29 | 2018-12-29 | Control method, system, electronic equipment and computer-readable medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811638829.9A CN109725951A (en) | 2018-12-29 | 2018-12-29 | Control method, system, electronic equipment and computer-readable medium |
Publications (1)
Publication Number | Publication Date |
---|---|
CN109725951A true CN109725951A (en) | 2019-05-07 |
Family
ID=66297985
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811638829.9A Pending CN109725951A (en) | 2018-12-29 | 2018-12-29 | Control method, system, electronic equipment and computer-readable medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109725951A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111797390A (en) * | 2020-07-14 | 2020-10-20 | 北京元心科技有限公司 | Program running method and device, electronic equipment and computer readable storage medium |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040193818A1 (en) * | 2003-03-31 | 2004-09-30 | Fujitsu Limited | Memory device, memory access limiting system, and memory access method |
CN103064747A (en) * | 2012-12-13 | 2013-04-24 | 郑州威科姆科技股份有限公司 | Communication method for different WEB window pages in WES7 environment |
CN104881616A (en) * | 2015-06-29 | 2015-09-02 | 北京金山安全软件有限公司 | Privacy information storage method and device based on application program |
CN106993220A (en) * | 2017-04-18 | 2017-07-28 | 北京元心科技有限公司 | Method and device for adjusting multimedia decoding information buffer zone |
CN108171085A (en) * | 2017-11-27 | 2018-06-15 | 深圳市金立通信设备有限公司 | A kind of guard method, terminal device and computer-readable medium for solving confidential information |
CN108573143A (en) * | 2017-03-10 | 2018-09-25 | 南京大学 | The stack guard method verified based on program pitching pile and multidate information |
-
2018
- 2018-12-29 CN CN201811638829.9A patent/CN109725951A/en active Pending
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040193818A1 (en) * | 2003-03-31 | 2004-09-30 | Fujitsu Limited | Memory device, memory access limiting system, and memory access method |
CN103064747A (en) * | 2012-12-13 | 2013-04-24 | 郑州威科姆科技股份有限公司 | Communication method for different WEB window pages in WES7 environment |
CN104881616A (en) * | 2015-06-29 | 2015-09-02 | 北京金山安全软件有限公司 | Privacy information storage method and device based on application program |
CN108573143A (en) * | 2017-03-10 | 2018-09-25 | 南京大学 | The stack guard method verified based on program pitching pile and multidate information |
CN106993220A (en) * | 2017-04-18 | 2017-07-28 | 北京元心科技有限公司 | Method and device for adjusting multimedia decoding information buffer zone |
CN108171085A (en) * | 2017-11-27 | 2018-06-15 | 深圳市金立通信设备有限公司 | A kind of guard method, terminal device and computer-readable medium for solving confidential information |
Non-Patent Citations (1)
Title |
---|
大仙爷: "微信小程序API之数据缓存", 《HTTPS://WWW.JIANSHU.COM/P/D0901074EF5E》 * |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111797390A (en) * | 2020-07-14 | 2020-10-20 | 北京元心科技有限公司 | Program running method and device, electronic equipment and computer readable storage medium |
CN111797390B (en) * | 2020-07-14 | 2024-01-26 | 北京元心科技有限公司 | Program running method, program running device, electronic equipment and computer readable storage medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11520912B2 (en) | Methods, media, apparatuses and computing devices of user data authorization based on blockchain | |
CN113396569B (en) | System and method for second factor authentication of customer support calls | |
CN112287372B (en) | Method and apparatus for protecting clipboard privacy | |
CN111199037B (en) | Login method, system and device | |
CN107528830B (en) | Account login method, system and storage medium | |
CN109831464A (en) | Method and apparatus for ciphertext data | |
CN113179323B (en) | HTTPS request processing method, device and system for load balancing equipment | |
CN113661699B (en) | System and method for pre-authentication of customer support calls | |
CN105740670B (en) | Using encryption, starting method and apparatus | |
KR20140135418A (en) | System and method for single-sign-on in virtual desktop infrastructure environment | |
EP4350556A1 (en) | Information verification method and apparatus | |
CN112039826A (en) | Login method and device applied to applet terminal | |
CN110708291B (en) | Data authorization access method, device, medium and electronic equipment in distributed network | |
CN109743161A (en) | Information ciphering method, electronic equipment and computer-readable medium | |
CN110120952A (en) | A kind of total management system single-point logging method, device, computer equipment and storage medium | |
CN107835181A (en) | Right management method, device, medium and the electronic equipment of server cluster | |
CN112765642A (en) | Data processing method, data processing apparatus, electronic device, and medium | |
CN107920060A (en) | Data access method and device based on account | |
CN109491721A (en) | Method and apparatus for load information | |
CN112115500A (en) | Method, device and system for accessing file | |
CN109725951A (en) | Control method, system, electronic equipment and computer-readable medium | |
CN116011590A (en) | Federal learning method, device and system | |
CN113297557A (en) | Account data authorization method, device, equipment and computer readable storage medium | |
CN110492998A (en) | The method of encryption and decryption data | |
CN115174062B (en) | Cloud service authentication method, device, equipment and storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |